Changelog

Added

• Enterprise managed-policy support. IT administrators can now lock the extension toggle via Chrome's managed storage (GPO on Windows, MDM on macOS/iOS, Google Admin Console). When forceEnabled: true is pushed by an admin, the popup toggle is locked ON and the extension stays active. Consumer users with no managed policy see zero change.
• Medical Record Number (MRN) detection. Recognizes patient identifiers in formats like MRN: 12345678, Patient ID: 12345678, Medical Record Number: 12345678, Med Rec: 12345678. Auto-masked as critical PII alongside credit cards, SSNs, and API keys. Built for healthcare workers using AI chatbots without exposing protected health information.
• Site indicator strip in the popup. Shows whether PiiBlocker is active on the page you're on (green for ChatGPT/Claude/Gemini, gray for unsupported sites).
• Dark mode across the popup, weekly report, and personal dictionary. Follows your OS appearance preference automatically.
• Empty-state and onboarding hints for first-time users - no more confusing zeros on the privacy score.
• Privacy score qualifier text. "Excellent - your data is well protected" / "Good - keep it up" / "Fair - consider masking more items" alongside the numeric score.

Improved

• Popup layout overhaul. Compact no-scroll design fits all content in a single view. Cleaner link list with chevron arrows and row highlights. New stat labels (Found, Protected, You Clicked, Sessions) with hover tooltips explaining each metric.
• Personal Dictionary now has search/filter, sorting (newest first), entry count, auto-focused add input, two-stage delete confirmation, and human-readable relative timestamps ("3 days ago" instead of raw dates).
• Weekly report hides share and score sections when there's no activity yet, uses a unified color palette, and includes a brighter back button.

Fixed

• Critical: ChatGPT "Send Protected" occasionally submitting the original unmasked text. A race condition between text replacement and submit on ChatGPT's React-based composer could cause real PII to be sent to the AI despite the masking dialog completing successfully. Fixed by adding a brief frame wait to let ChatGPT's editor state flush before submitting.
• Long-lived tabs no longer become "zombie" tabs. When a tab stayed open for 24+ hours, the background service worker could die and leave the extension in a broken state - detection failed silently and the send button stopped responding. The extension now self-heals: a 30-second heartbeat detects when the service worker dies and either re-injects itself or shows a clear "please refresh" banner.
• Tooltip clipping near input field edges. The PII type tooltip (showing detection type and confidence) was being cut off when PII was near the right edge or top of the input. Tooltip now lives in its own layer above the page and flips below the highlight when there's no room above.
• Weekly report date range now displays correctly. A reactivity bug was rendering the date range as a literal function instead of a formatted string.
• False-positive name detection on common words like "Singapore", "Sydney", "view", and "web". These no longer trigger Person Name detection.
• Service worker resilience improvements when SPA navigation (switching conversations within ChatGPT/Claude) recreates the page state.

Security

• No new permissions added in this release. The managed-policy feature uses Chrome's existing storage permission - no expanded surface area.

Added

• National Insurance Number (UK) detection.
• UK mobile phone number patterns.

Fixed

• Send Unprotected required 2-3 clicks to actually go through (race condition on Claude's submit button).
• NER false positives on common English words misidentified as names.

Improved

• More accurate person-name detection (compromise.js NER tuning).

Fixed

• Extension context invalidation handling. When the extension was reloaded mid-session (during development or after an auto-update), open tabs could end up in an inconsistent state. The extension now detects this and shows a "please refresh" banner instead of silently failing.
• Fail-safe submit blocking. If the extension context is invalid at the moment you click Send, the submit is blocked rather than potentially leaking PII through a broken detection pipeline.

Changed

• Renamed from PrivacyShield to PiiBlocker. All user-facing branding updated across the popup, store listing, marketing site, and notifications. Internal code identifiers (log tags, database name, CSS prefixes) were preserved to minimize change risk.

Initial public release on the Chrome Web Store.

Features at launch

• Detection of 17 types of personally identifiable information across three tiers:
  • Critical (auto-masked): Credit cards (with Luhn validation), Social Security numbers, National Identity Cards, API keys (OpenAI, AWS, GitHub patterns), passwords in context, bank account numbers.
  • Soft (detect and highlight, mask on click): Email addresses, phone numbers (international + UK), IP addresses (v4 and v6), person names, postal addresses, employers, medical conditions, ages, dates of birth, salaries.
  • Custom: Anything you add via right-click → "Mask with PiiBlocker".
• Three site integrations: ChatGPT (chatgpt.com and chat.openai.com), Claude (claude.ai), and Gemini (gemini.google.com).
• Bracket-format placeholders like [PERSON_A], [CARD_A], [EMAIL_A]. Chosen because LLMs preserve bracketed tokens at ~90% fidelity in responses vs ~75% for unbracketed.
• Response unmasking. When the AI replies, placeholders are silently swapped back to your real data - so you see "Hi Sarah" while the AI only ever saw "Hi [PERSON_A]". Variant matching handles possessives, capitalization, and dropped brackets.
• Mapping sidebar fallback. If unmasking can't resolve a placeholder, a reference panel slides in showing all your placeholders → real values for that conversation.
• Personal Dictionary. Right-click anything in a prompt → "Mask with PiiBlocker" → optionally save to your dictionary so it's auto-detected next time. Useful for non-Western names, project codenames, internal jargon, anything PiiBlocker's built-in detectors miss.
• AES-256-GCM encryption on stored masking mappings. Encryption key is generated per session and held only in browser memory - never written to disk.
• 4-hour auto-expiry on masking sessions. Mappings purge automatically; nothing lingers indefinitely.
• PII-free audit log. PiiBlocker tracks what types of PII were detected and what actions you took - but never stores the actual PII values themselves.
• Privacy score (out of 100) updates after each masking action.
• Weekly privacy report with site-by-site activity, PII type breakdown, and a shareable summary card (containing zero PII).

Privacy guarantees

• 100% on-device processing. No PII is ever sent to PiiBlocker's servers - there are no servers. All detection, masking, and unmasking happens locally in your browser.
• No telemetry, no analytics, no tracking. PiiBlocker does not phone home.
• No account required. Install and use it immediately, no sign-up.